package com.xiu.controller;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.xiu.pojo.ExamUser;
import com.xiu.service.LoginService;

@Controller
@RequestMapping(value="/exam")
public class LoginController {

	@Autowired
	LoginService loginService;
	
	//跳转登录页面
	@RequestMapping(value="/login",method=RequestMethod.GET)
	public String login(Model model){
		ExamUser examUser = new ExamUser();
		model.addAttribute("examUser", examUser);
		return "exam/login";
	}
	
	//登录校验
	@RequestMapping(value="/login",method=RequestMethod.POST)
	public String login(@Validated @ModelAttribute ExamUser examUser,BindingResult br,Model model,HttpServletRequest request,HttpServletResponse response,HttpSession session) throws IOException{
		if(br.hasErrors()){
			return "exam/login";
		}
		if(examUser != null){
			if(examUser.getExamNumber() != null && examUser.getExamPassword() !=null){
				ExamUser examUser1 = loginService.login(examUser);
				if(examUser1 == null){
					model.addAttribute("msg", "number or password error");
					return "exam/login";
				}
				if(examUser1 != null){
					//System.out.println("examUser1:"+examUser1.getExamNumber());
					request.getSession().setAttribute("user", examUser1);
					if(examUser1.getExamNumber() != null && examUser1.getExamPassword() !=null){
						Subject subject = SecurityUtils.getSubject();
						String number =  String.valueOf(examUser1.getExamNumber());//将int类型的number转成String类型。toString()方法，容易报空指针异常
						//System.out.println(number);
						
						AuthenticationToken token = new UsernamePasswordToken(number,examUser1.getExamPassword());
						subject.login(token);
						String userName =examUser1.getExamName();
						int userId = examUser1.getexamStuId();
						request.getSession().setAttribute("userNumber", examUser1.getExamNumber());
						request.getSession().setAttribute("userName", userName);
						request.getSession().setAttribute("userId", userId);
						model.addAttribute("msg", "success");
					}else{
						model.addAttribute("msg", "number or password error");
						return "exam/login";
					}
				}
			}else{
				model.addAttribute("msg", "user is exit");
				return "exam/login";
			}
		}
		return "redirect:/exam/welcome";
	}
	
	@RequestMapping(value="welcome",method=RequestMethod.GET)
	public String goWelcome(){
		return "exam/welcome";
	}
	
	//退出
	@RequestMapping(value="/logout",method=RequestMethod.GET)
	public String logout(ExamUser examUser,HttpServletRequest request,HttpSession session){
		request.getSession().removeAttribute("userName");
		return "redirect:/exam/login";
	}
	
}
